Hello everyone.
I upgraded a freeipa server from fedora 20 to fedora 22. It mostly
worked ok, but there are a few issues:
- pki-tomcat didn't start after the upgrade, and that in turn made
ipa-upgradeconfig fail, because /var/lib/pki/pki-tomcat/conf/ca/CS.cfg
had the wrong owner (root).
-
Hm.
@Jakub :
I cannot upgrade, because I am not the hosting provider managing this VM
unfortunately.
I need to make it work with RHEL 6.4.
@Sam :
Selinux is deactivated :
cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX=disabled
# enforcing - SELin
On Fri, May 29, 2015 at 06:25:24PM +0200, bahan w wrote:
> Hello everyone.
>
> I send you this mail because I have a problem with the installation of
> FreeIPA Server 3.0 on a VM running on RHEL 6.4.
This is really old, please upgrade if you can, ideally to RHEL-7.
--
Manage your subscription f
Hello everyone.
I send you this mail because I have a problem with the installation of
FreeIPA Server 3.0 on a VM running on RHEL 6.4.
First, when I performed the yum install ipa-server, I got an error but the
installation finished finally with a complete.
Here it is :
##
On Fri, 29 May 2015, Christopher Lamb wrote:
Hi All
Some weeks ago I setup a new FreeIPA 4.1.0 on an OEL 7.1 server to replace
the existing FreeIPA 3.0.0 running on OEL 6.5, and successfully migrated
across the users.
We have 50 odd Servers that are FreeIPA clients. Today I started migrating
t
Hi All
Some weeks ago I setup a new FreeIPA 4.1.0 on an OEL 7.1 server to replace
the existing FreeIPA 3.0.0 running on OEL 6.5, and successfully migrated
across the users.
We have 50 odd Servers that are FreeIPA clients. Today I started migrating
these one-by-one from the old FreeIPA 3.x server
On Fri, 2015-05-29 at 10:06 +0200, Martin Kosek wrote:
> On 05/29/2015 07:48 AM, Christoph Kaminski wrote:
> > Hi
> >
> > I have had a defect entries in ldap for a replica and deleted them. But now
> > the
> > dirsrv keytab (/etc/dirsrv/ds.keytab) doesnt work anymore (revoked). The
> > replica sta
>
> On May 29, 2015, at 00:41, thierry bordaz wrote:
>
>> On 05/29/2015 08:16 AM, Christoph Kaminski wrote:
>> freeipa-users-boun...@redhat.com schrieb am 28.05.2015 13:23:26:
>>
>> > Von: Alexander Frolushkin
>> > An: "'thierry bordaz'"
>> > Kopie: "freeipa-users@redhat.com"
>> > Datum:
Afternoon,
I'm currently attempting to set up an existing vsphere environment to use
freeipa 4.1.0 for authentication, following this guide:
http://www.freeipa.org/page/HowTo/vsphere5_integration
I've followed it all through, and for the purposes for testing, I've created a
user called sam tha
On 05/29/2015 11:18 AM, David Lin wrote:
the other hosts do not have certificate set.
What IPA version is it?
host-find/show should use /etc/httpd/alias dir, as Martin wrote. Could
you check if there is anything wrong with this directory, e.g. missing
files, missing dir, wrong SELinux conte
Martin Kosek schrieb am 29.05.2015 10:06:45:
>
> Running ipa-getkeytab on this replica is tricky - as if replication
> is down and
> you do this, the old key is revoked and new one is generated - which is
not
> known for the other master as replication is not working and you get in
a
> stra
the other hosts do not have certificate set.
Thanks,
David
On 05/29/2015 02:05 AM, Petr Vobornik wrote:
On 05/29/2015 10:45 AM, David Lin wrote:
ipa host-find produces this
ipa: ERROR: Certificate format error: (SEC_ERROR_LEGACY_DATABASE) The
certificate/key database is in an old, unsupporte
On 05/29/2015 10:45 AM, David Lin wrote:
ipa host-find produces this
ipa: ERROR: Certificate format error: (SEC_ERROR_LEGACY_DATABASE) The
certificate/key database is in an old, unsupported format.
and ipa host-show on only one of the hosts show
ipa: ERROR: Certificate format error: (SEC_ERROR_
On 29.5.2015 10:06, Martin Kosek wrote:
> On 05/29/2015 07:48 AM, Christoph Kaminski wrote:
>> Hi
>>
>> I have had a defect entries in ldap for a replica and deleted them. But now
>> the
>> dirsrv keytab (/etc/dirsrv/ds.keytab) doesnt work anymore (revoked). The
>> replica starts but it cant conne
ipa host-find produces this
ipa: ERROR: Certificate format error: (SEC_ERROR_LEGACY_DATABASE) The
certificate/key database is in an old, unsupported format.
and ipa host-show on only one of the hosts show
ipa: ERROR: Certificate format error: (SEC_ERROR_LEGACY_DATABASE) The
certificate/key datab
On 05/29/2015 10:02 AM, Martin Kosek wrote:
On 05/29/2015 01:27 AM, David Lin wrote:
Hi,
When I try to add multiple hosts, on the web UI, when I go to the host
tab,
This means that Web UI calls `ipa host-find` and couple of `ipa
host-show` commands. Could you try it in CLI find out which comm
On 05/29/2015 01:27 AM, David Lin wrote:
Hi,
When I try to add multiple hosts, on the web UI, when I go to the host tab, I
get
Certificate format error: (SEC_ERROR_LEGACY_DATABASE) The certificate/key
database is in an old, unsupported format.
What does this mean?
That's strange. CCIng Petr.
On 05/29/2015 07:48 AM, Christoph Kaminski wrote:
Hi
I have had a defect entries in ldap for a replica and deleted them. But now the
dirsrv keytab (/etc/dirsrv/ds.keytab) doesnt work anymore (revoked). The
replica starts but it cant connect other replicas (but other replicas can
connect to it).
Only a very basic "fractional replication" - you can remove selected attributes
from replicating. It is possible even now and can be configured on each
replication agreement:
https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/managing-fractional
On 05/29/2015 08:16 AM, Christoph Kaminski wrote:
freeipa-users-boun...@redhat.com schrieb am 28.05.2015 13:23:26:
> Von: Alexander Frolushkin
> An: "'thierry bordaz'"
> Kopie: "freeipa-users@redhat.com"
> Datum: 28.05.2015 13:24
> Betreff: Re: [Freeipa-users] Haunted servers?
> Gesendet von:
On 05/28/2015 11:00 PM, Timothy Worman wrote:
On May 28, 2015, at 12:26 PM, Martin Kosek wrote:
On 05/28/2015 07:10 PM, Timothy Worman wrote:
On Mar 26, 2015, at 3:08 PM, Dmitri Pal wrote:
On 03/26/2015 03:19 PM, Timothy Worman wrote:
On Mar 26, 2015, at 11:42 AM, Martin Kosek wrote:
On
21 matches
Mail list logo